Re: Bogon filtering (don't ban me)

[James <haesu () towardex com>]

On Sun, Dec 05, 2004 at 07:38:06PM +0100, Cliff Albert wrote:
> On Sun, Dec 05, 2004 at 12:36:08PM -0600, Rob Thomas wrote:
>
> > ] I have one question regarding the CYMRU bogon route-server. What good is
> > ] it if more-specific bogons are going around in the BGP table ?
> >
> > At present, none.  We have feature requests into some major router
> > vendors to make this more useful.  The goal is to provide a syntax
> > similar to prefix-list that would permit you to filter on a prefix
> > and anything more specific.  Stay tuned!
>
> Indeed, that's the biggest problem at the moment. I have seen some folks
> feature requesting this at juniper, but seems they all got a big NO
> back.
>
> -- 
> Cliff Albert <cliff () oisec net>

Just FYI --

Team Cymru also provides IRR objects for those using automated BGP policies
with ease. Using IRR objects, dependent on how *you* set it up, you should be
able to filter out specifics.

Their object is fltr-bogons on whois.radb.net:
filter-set:   fltr-bogons
descr:        All bogon IPv4 prefixes.
filter:       fltr-unallocated OR fltr-martian
tech-c:       RTH32-ARIN
admin-c:      RTH32-ARIN
mnt-by:       MAINT-BOGON-FILTERS
changed:      radb () cymru com 20040420
source:       RIPE

Example for filtering bogons from transit:

import:  from AS209  accept ANY and not fltr-bogons

I make use of these objects for configuring BGP for customers who are multihomed
to different ISP's, so far with great success.

Hope this helps,

-J

-- 
James Jun                                            TowardEX Technologies, Inc.
Technical Lead                      Boston IPv4/IPv6 Web Hosting, Colocation and
james () towardex com            Network design/consulting & configuration services
cell: 1(978)-394-2867           web: http://www.towardex.com , noc: www.twdx.net